Skip to content

Commit

Permalink
Update brakeman config
Browse files Browse the repository at this point in the history
This is the same warning but it now has a different fingerprint as we've
move some of the lines of code around.
  • Loading branch information
rjlynch committed Nov 1, 2024
1 parent 1cca885 commit e00f8ed
Showing 1 changed file with 24 additions and 24 deletions.
48 changes: 24 additions & 24 deletions config/brakeman.ignore
Original file line number Diff line number Diff line change
Expand Up @@ -46,29 +46,6 @@
],
"note": "Create and update should be flagged but change is not different from existing behaviour, raising issue."
},
{
"warning_type": "Dynamic Render Path",
"warning_code": 15,
"fingerprint": "2e15a7fa4c8b8254b7724a1c5b8553cf4f7372f62b9401e1f5cbda1abe8c62ef",
"check_name": "Render",
"message": "Render path contains parameter value",
"file": "app/controllers/admin/tasks_controller.rb",
"line": 20,
"link": "https://brakemanscanner.org/docs/warning_types/dynamic_render_path/",
"code": "render(action => Claim.includes(:tasks).find(params[:claim_id]).tasks.find_or_initialize_by(:name => params[:name]).name, {})",
"render_path": null,
"location": {
"type": "method",
"class": "Admin::TasksController",
"method": "show"
},
"user_input": "params[:name]",
"confidence": "Weak",
"cwe_id": [
22
],
"note": "Constrained to valid input by routes"
},
{
"warning_type": "SQL Injection",
"warning_code": 0,
Expand Down Expand Up @@ -115,6 +92,29 @@
],
"note": ""
},
{
"warning_type": "Dynamic Render Path",
"warning_code": 15,
"fingerprint": "9e2cf5f527443878fab8807fc6ca1af5a8f27690f312694489183624ab98d66d",
"check_name": "Render",
"message": "Render path contains parameter value",
"file": "app/controllers/admin/tasks_controller.rb",
"line": 20,
"link": "https://brakemanscanner.org/docs/warning_types/dynamic_render_path/",
"code": "render(action => task_view(Claim.includes(:tasks).find(params[:claim_id]).tasks.find_or_initialize_by(:name => params[:name])), {})",
"render_path": null,
"location": {
"type": "method",
"class": "Admin::TasksController",
"method": "show"
},
"user_input": "params[:name]",
"confidence": "Weak",
"cwe_id": [
22
],
"note": ""
},
{
"warning_type": "SQL Injection",
"warning_code": 0,
Expand All @@ -139,6 +139,6 @@
"note": ""
}
],
"updated": "2024-10-23 16:53:59 +0100",
"updated": "2024-10-30 16:55:54 +0000",
"brakeman_version": "6.2.1"
}

0 comments on commit e00f8ed

Please sign in to comment.